Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/n1emf7dU4insDOrXIZD-sI0lYtU.roa
File:                     n1emf7dU4insDOrXIZD-sI0lYtU.roa (raw, json)
Hash identifier:          VeNWlgoA0nC0Qa7mzTzlBTNSGMA1GpRGiiBYQydwuBI=
Subject key identifier:   9F:57:A6:7F:B7:54:E2:29:EC:0C:EA:D7:21:90:FE:B0:8D:25:62:D5
Certificate issuer:       /CN=e5f9ad212cd65ab4ee2b8e9b3f8b833c3900ea7d
Certificate serial:       0186CC172191C3C81379BDEDD3474D72D406
Authority key identifier: E5:F9:AD:21:2C:D6:5A:B4:EE:2B:8E:9B:3F:8B:83:3C:39:00:EA:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5fmtISzWWrTuK46bP4uDPDkA6n0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/n1emf7dU4insDOrXIZD-sI0lYtU.roa
Signing time:             Fri 10 Mar 2023 15:15:13 +0000
ROA not before:           Fri 10 Mar 2023 15:15:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58209
IP address blocks:        217.18.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:cc:17:21:91:c3:c8:13:79:bd:ed:d3:47:4d:72:d4:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5f9ad212cd65ab4ee2b8e9b3f8b833c3900ea7d
        Validity
            Not Before: Mar 10 15:15:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f57a67fb754e229ec0cead72190feb08d2562d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d8:0b:04:0f:34:f1:a7:22:8f:33:79:92:2b:
                    be:3d:69:c4:3e:7f:66:c6:58:a0:ab:3a:a0:b0:fd:
                    46:fe:cc:1d:4f:38:34:7a:b8:b3:5f:16:60:63:8d:
                    2f:1a:96:88:50:07:9a:e3:50:57:a8:b5:1a:a4:21:
                    70:23:ca:1b:0a:0b:5c:68:2c:cb:83:ec:41:a0:26:
                    9e:f2:e0:76:c3:ab:ea:7b:b5:01:0b:9e:d2:88:f1:
                    3e:f3:de:1c:63:94:9f:42:3c:6b:d7:bf:72:d4:9c:
                    55:3d:77:3d:16:ea:57:a2:b2:6e:95:e3:f6:70:f1:
                    4e:59:e5:05:61:4c:9c:0a:72:56:20:c8:71:79:44:
                    85:2a:b7:b8:95:b4:ef:88:ec:a0:c7:b0:5e:8c:c1:
                    e4:dd:0a:c8:a7:3f:6b:47:23:37:c0:bc:08:1c:53:
                    26:9e:92:0d:fa:c0:28:47:6c:fe:f0:5f:ac:08:d9:
                    6f:16:5f:08:58:07:b7:65:a2:77:a6:61:e5:d5:63:
                    1b:81:57:94:fe:41:06:9d:bf:bc:3a:04:db:5d:cb:
                    20:25:4c:85:f2:ee:8e:5c:11:13:73:09:3a:fd:46:
                    49:24:ca:25:95:85:f5:50:78:d1:93:88:bb:de:6a:
                    a0:9c:6b:73:66:41:04:bc:0e:58:7d:86:38:62:76:
                    c3:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:57:A6:7F:B7:54:E2:29:EC:0C:EA:D7:21:90:FE:B0:8D:25:62:D5
            X509v3 Authority Key Identifier:
                keyid:E5:F9:AD:21:2C:D6:5A:B4:EE:2B:8E:9B:3F:8B:83:3C:39:00:EA:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5fmtISzWWrTuK46bP4uDPDkA6n0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/n1emf7dU4insDOrXIZD-sI0lYtU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/5fmtISzWWrTuK46bP4uDPDkA6n0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.18.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:00:f8:b2:c6:6c:ec:83:ab:fb:93:09:17:9a:9a:e7:96:36:
         92:39:8f:12:32:07:43:15:bf:81:d4:26:59:d0:4c:9f:48:ad:
         27:ff:6d:b3:fb:dc:09:cc:27:a6:d6:65:07:e8:2f:4e:82:15:
         27:ac:a1:40:f4:52:28:90:37:27:42:62:93:3b:ea:e4:4f:82:
         6b:e7:fe:57:ee:b7:17:9d:b5:ed:7a:e0:a9:45:74:e9:e9:9b:
         e3:b1:47:ad:fc:27:7b:ae:6f:c2:ce:7e:6b:c0:90:25:42:f9:
         09:39:25:bd:f9:24:02:1b:d0:fc:42:17:2a:62:21:13:50:66:
         a0:fc:20:c8:d0:e2:18:ac:55:66:b1:be:19:b0:70:cc:7c:d9:
         90:fe:46:87:29:f2:b1:7c:93:c8:36:5c:e5:a7:80:4c:e5:a9:
         76:a9:8b:cf:3c:84:25:52:f2:a6:39:e2:f5:33:60:87:b9:b9:
         7e:9f:23:05:45:68:9d:b3:43:46:db:f7:c8:37:3c:34:97:82:
         0e:46:94:83:09:28:0d:fd:e6:79:bf:bc:18:35:5a:e7:84:f9:
         79:fc:6b:80:e6:41:1b:f4:57:1c:cb:15:99:e7:99:0d:cf:d8:
         01:b3:47:40:e9:12:d2:36:4a:b7:aa:d0:66:67:a3:09:74:ce:
         dc:de:db:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbMFyGRw8gTeb3t00dNctQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZjlhZDIxMmNkNjVhYjRlZTJiOGU5YjNmOGI4MzNjMzkw
MGVhN2QwHhcNMjMwMzEwMTUxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjU3YTY3ZmI3NTRlMjI5ZWMwY2VhZDcyMTkwZmViMDhkMjU2MmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNgLBA808acijzN5kiu+PWnEPn9m
xligqzqgsP1G/swdTzg0erizXxZgY40vGpaIUAea41BXqLUapCFwI8obCgtcaCzL
g+xBoCae8uB2w6vqe7UBC57SiPE+894cY5SfQjxr179y1JxVPXc9FupXorJuleP2
cPFOWeUFYUycCnJWIMhxeUSFKre4lbTviOygx7BejMHk3QrIpz9rRyM3wLwIHFMm
npIN+sAoR2z+8F+sCNlvFl8IWAe3ZaJ3pmHl1WMbgVeU/kEGnb+8OgTbXcsgJUyF
8u6OXBETcwk6/UZJJMollYX1UHjRk4i73mqgnGtzZkEEvA5YfYY4YnbDiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ9Xpn+3VOIp7Azq1yGQ/rCNJWLVMB8GA1UdIwQY
MBaAFOX5rSEs1lq07iuOmz+Lgzw5AOp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWZtdElTeldXclR1SzQ2YlA0dURQRGtBNm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mODA5MjYtZTlhOS00MWY5LTk1YTAt
OWI4MTNhMjAwMmFhLzEvbjFlbWY3ZFU0aW5zRE9yWElaRC1zSTBsWXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mODA5MjYtZTlhOS00MWY5LTk1YTAtOWI4MTNhMjAwMmFh
LzEvNWZtdElTeldXclR1SzQ2YlA0dURQRGtBNm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RJRMA0G
CSqGSIb3DQEBCwUAA4IBAQBYAPiyxmzsg6v7kwkXmprnljaSOY8SMgdDFb+B1CZZ
0EyfSK0n/22z+9wJzCem1mUH6C9OghUnrKFA9FIokDcnQmKTO+rkT4Jr5/5X7rcX
nbXteuCpRXTp6ZvjsUet/Cd7rm/Czn5rwJAlQvkJOSW9+SQCG9D8QhcqYiETUGag
/CDI0OIYrFVmsb4ZsHDMfNmQ/kaHKfKxfJPINlzlp4BM5al2qYvPPIQlUvKmOeL1
M2CHubl+nyMFRWids0NG2/fINzw0l4IORpSDCSgN/eZ5v7wYNVrnhPl5/GuA5kEb
9FccyxWZ55kNz9gBs0dA6RLSNkq3qtBmZ6MJdM7c3tt6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:06 2024 by rpki-client on console-fra.rpki-client.org